• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
trouble with is_ajax_request()

#1
I am sending a buffer from my browser to my CI server app. The problem is that is_ajax_request() takes a look at

HTTP_X_REQUESTED_WITH server header and it seems this is not being set so "is_ajax_request()" is failing. 

Taking a look at the browser debugger here are the request headers
    1. Code:
      Provisional headers are shown
      Access-Control-Request-Headers: x-requested-with
      Access-Control-Request-Method: POST
      Origin: chrome-extension://bdjgnodlhfmhghjhbkkkaaammfocdpib
      User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36


So I am sending it, but it seems to not be in $_SERVER[]. Instead in $_SERVER[] I see:


Code:
HTTP_HOST = {@140470162541456} "www.xxxubstantiation.com"
HTTP_CONNECTION = {@140470162541824} "keep-alive"
HTTP_PRAGMA = {@140470162542192} "no-cache"
HTTP_CACHE_CONTROL = {@140470162542568} "no-cache"
HTTP_ACCESS_CONTROL_REQUEST_METHOD = {@140470162542968} "POST"
HTTP_ORIGIN = {@140470162543440} "chrome-extension://bdjgnodlhfmhghjhbkkkaaammfocdpib"
HTTP_USER_AGENT = {@140470162544288} "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"
HTTP_ACCESS_CONTROL_REQUEST_HEADERS = {@140470162544696} "x-requested-with"  <<<<<here
HTTP_ACCEPT = {@140470162545088} "*/*"
HTTP_ACCEPT_ENCODING = {@140470162546008} "gzip, deflate, br"
HTTP_ACCEPT_LANGUAGE = {@140470162546392} "en-US,en;q=0.9"
I thought that I would see a 'HTTP_X_REQUESTED_WITH'="x-requested-with".

Another possible reason that this is not working is that there is some rule against using redirect with CORS. As you can see below, there is some redirection going on. I don't know where that is being set. 


Code:
REDIRECT_SCRIPT_URL = {@140470162537752} "/sub_crud/Subit_backend/register"
REDIRECT_SCRIPT_URI = {@140470162538248} "https://www.xxxubstantiation.com/sub_crud/Subit_backend/register"
REDIRECT_HTTPS = {@140470162538624} "on"
REDIRECT_SSL_TLS_SNI = {@140470162539032} "www.xxxubstantiation.com"
REDIRECT_STATUS = {@140470162539408} "200"
Does anyone know how the $_STATUS elements get set? 
proof that an old dog can learn new tricks
Reply

#2
X-Requested-With is set only by AJAX libraries like jQuery, Mootools, Prototype etc.

If you're using a custom AJAX handler and want this functionality, you can trigger the request header by adding
the following AFTER you've opened the request with .open():

xmlHttpRequestObject.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#3
Thx insite. I've figured out that as long as I have a tab open to the same server domain, the x-requested-with IS being sent. If I don't have a tab to my domain open, a preflight (rather than the POST) is being sent instead. My next problem is that the CI server code is actually starting up my controller/method. I thought from looking at a flow diagram that the browser/server handled the handshake w/o my code having to deal with it, and then my CI function would wake up when the real POST came in. However if you look at this https://developer.mozilla.org/en-US/docs...d_requests it seems that my CI application must handle the preflight itself(there is sample php code).
proof that an old dog can learn new tricks
Reply

#4
OK. I got it fixed. Here is what I have found for the next person who has this problem. In order to send a message from a browser to CI on a server via XMLHTTP, you need to set

       xhr.setRequestHeader("X-REQUESTED-WITH",'xmlhttprequest'); 

Otherwise $this->input->is_ajax_request() will not recognize the request as ajax. But if you include X-Requested-with in your header, then your browser will send the message as OPTIONS which means it first sends a preflight request. You server code need to ignore that pre-flight which is easy since $this->input->is_ajax_request() will not return a true for a preflight. I also added the following to the .htaccess

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Accept,Authorization,Content-Type,Origin,X-Requested-With"
Header set Access-Control-Allow-Methods "GET, POST, PATCH, PUT, DELETE, OPTION"
Header set Access-Control-Max-Age: 86400

The bottom line is that although I didn't want a preflight I was forced to deal with it because of the X-REQUESTED-WITH requirement of is_ajax_request().
proof that an old dog can learn new tricks
Reply

#5
Glad you got it working.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.